Tag: security | SpinSafe

Google releases May 2024 Android security update with Bluetooth improvements and Pixel 8 camera fix

May 8, 2024/in Mobile Security

Google has released its May 2024 Android security update, primarily focused on improving Bluetooth LE audio and fixing a camera issue on the Pixel 8 series. The update has arrived on various Pixel devices, including the Pixel Fold and Pixel Tablet.

The May update includes enhancements for Bluetooth LE audio stability and performance across most supported Pixel models. It also specifically addresses a camera issue that could cause performance problems in certain video recording scenarios on devices like the Pixel 8 Pro.

The latest updates incorporate security patches from both May 1st and May 5th. The May 1st set of patches primarily addresses various Android Framework and System vulnerabilities. In contrast, the May 5th update focuses on fixes for hardware components from companies like Arm, Qualcomm, and MediaTek. This is the list of fixes according to the changelog:

Bluetooth

General improvements in stability or performance for Bluetooth LE audio

Camera

Fix for camera performance under certain conditions when recording video

The update is approximately 5MB and the build number varies depending on the device model and carrier. Here is the breakdown on which build number you should expect to receive on your Pixel:

Global

Pixel 5a (5G): AP1A.240505.004
Pixel 6: AP1A.240505.004
Pixel 6 Pro: AP1A.240505.004
Pixel 6a: AP1A.240505.004
Pixel 7: AP1A.240505.005
Pixel 7 Pro: AP1A.240505.005
Pixel 7a: AP1A.240505.005
Pixel Tablet: AP1A.240505.004
Pixel Fold: AP1A.240505.005
Pixel 8: AP1A.240505.005
Pixel 8 Pro: AP1A.240505.005

KDDI

Pixel 7: AP1A.240505.005.B1
Pixel 7 Pro: AP1A.240505.005.B1
Pixel 7a: AP1A.240505.005.B1
Pixel Fold: AP1A.240505.005.B1
Pixel 8: AP1A.240505.005.B1
Pixel 8 Pro: AP1A.240505.005.B1

T-Mobile, C Spire, US Cellular & Cellcom

Pixel 7: AP1A.240505.004
Pixel 7 Pro: AP1A.240505.004
Pixel 7a: AP1A.240505.004
Pixel Fold: AP1A.240505.004
Pixel 8: AP1A.240505.004
Pixel 8 Pro: AP1A.240505.004

Verizon

Pixel 7: AP1A.240505.005.A1
Pixel 7 Pro: AP1A.240505.005.A1
Pixel 7a: AP1A.240505.005.A1
Pixel Fold: AP1A.240505.005.A1
Pixel 8: AP1A.240505.005.A1
Pixel 8 Pro: AP1A.240505.005.A1

To check if your Pixel device has received the May 2024 update, navigate to Settings > System > Software updates > System update….

Source…

Krebs on Security – In-depth security news and investigation

May 7, 2024/in Internet Security

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “The Manipulaters,” a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. But new research suggests that while they have improved the quality of their products and services, these nitwits still fail spectacularly at hiding their illegal activities.

In May 2015, KrebsOnSecurity published a brief writeup about the brazen Manipulaters team, noting that they openly operated hundreds of web sites selling tools designed to trick people into giving up usernames and passwords, or deploying malicious software on their PCs.

Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com. “Antibot” refers to functionality that attempts to evade automated detection techniques, keeping a phish deployed as long as possible. Image: DomainTools.

The core brand of The Manipulaters has long been a shared cybercriminal identity named “Saim Raza,” who for the past decade has peddled a popular spamming and phishing service variously called “Fudtools,” “Fudpage,” “Fudsender,” “FudCo,” etc. The term “FUD” in those names stands for “Fully Un-Detectable,” and it refers to cybercrime resources that will evade detection by security tools like antivirus software or anti-spam appliances.

A September 2021 story here checked in on The Manipulaters, and found that Saim Raza and company were prospering under their FudCo brands, which they secretly managed from a front company called We Code Solutions.

That piece worked backwards from all of the known Saim Raza email addresses to identify Facebook profiles for multiple We Code Solutions employees, many of whom could be seen celebrating company anniversaries gathered around a giant cake with the words “FudCo” painted in icing.

Since that story ran, KrebsOnSecurity has heard from this Saim Raza identity on two occasions. The first was in the weeks following the Sept. 2021…

Source…

New Android security flaw lets hackers seize control of apps — how to stay safe

May 6, 2024/in Mobile Security

Editor’s Note: We have updated this article to highlight the fact that the vulnerable apps in question have since been patched by their respective developers. Also, we’ve changed the headline to address that the apps themselves are not malicious and don’t need to be deleted. We’ll update this story as we learn more.

Microsoft is sounding the alarm about a recently discovered critical security vulnerability on Android named “Dirty Stream” that can let malicious apps easily hijack legitimate apps. Worse still, this flaw impacts multiple apps with hundreds of millions of installs. If you have one of the best Android phones, here’s what you need to know to protect your data.

The vulnerability relates to the ContentProvider system prevalent across many popular Android apps, which manages access to structured data sets meant to be shared between different applications. It’s basically what lets your Android apps talk to one another and share files. To protect users and ward off unauthorized access, the system includes safeguards such as strict isolation of data, unique permissions attached to specific URIs (Uniform Resource Identifiers), and path validation security.

According to Microsoft’s alert, two vulnerable apps that have since been patched include Xiaomi Inc.’s File Manager (1B+ installs) and WPS Office (500M+ installs).

What makes the Dirty Stream vulnerability so devious is how it manipulates this system. Microsoft has found that hackers can create “custom intents,” messaging objects that facilitate communication between components across Android apps, to bypass these security measures. By exploiting this loophole, malicious apps can send a file with a manipulated filename or path to another app using a custom intent, sneaking in harmful code disguised as legitimate files.

From there, a hacker could trick a vulnerable app into overwriting critical files within its private storage space — and the results can be devastating. As BleepingComputer put it, Dirty Stream essentially turns a common OS-level function into a weaponized tool to execute unauthorized code, steal data, and even hijack an app while the user is none the wiser.

“Arbitrary code execution can…

Source…

German army faces new questions over online security

May 5, 2024/in Internet Security

German army faces new questions over online security

by AFP Staff Writers

Berlin (AFP) May 4, 2024

Germany’s army faced more questions over security lapses after the Zeit Online news website on Saturday reported that thousands of its meetings were freely accessible online.

Federal prosecutors are already investigating a secret army conversation on the Ukraine war that was wiretapped and ended up on Russian social media in March.

The latest security flaw that Zeit Online reported on again concerned the online video-conference tool Webex, a popular public platform for audio and video meetings, with additional security buffers built in.

Zeit Online said it had been able to access Germany army meetings by using simple search terms on the platform.

“More than 6,000 meetings could be found online,” some of which were meant to be classified, it wrote.

Sensitive issue covered included the long-range Taurus missiles that Ukraine has been calling for, and the issue of online warfare.

Online meeting rooms attributed to 248,000 German soldiers were easy to detect thanks to weak online design that lacked even password protection, Zeit Online added. That allowed its reporters to find the online meeting room of air force chief Ingo Gerhartz.

His name came up during reports of the earlier leak in March, when a recording of the talks between four high-ranking air force officers was posted on Telegram by the head of Russia’s state-backed RT channel. He was one of the four officers recorded.

Zeit Online said that the army only became aware of the security flaws after they approached them for comment. The security issue was first identified by Netzbegruenung, a group of cyber-activists, it reported.

An army spokesman confirmed to AFP that there was a flaw in the army’s Webex sites but that once it had been drawn to their attention they had corrected it within 24 hours.

“It was not possible to participate in the videoconferences without the knowledge of the participants or without authorisation,” he added. “No confidential content could therefore leave the conferences.”

Zeit Online said the Webex sites of Chancellor Olaf Scholz as well as key government…

Source…

Tag Archive for: security